CVE-2021-28937

The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 28.08.06.1 contains the administrator account password in plaintext. The page can be intercepted on HTTP...

Amazon Acexy Wireless-N WiFi Repeater REV 安全漏洞

Amazon Acexy Wireless-N WiFi Repeater REV is an Amazon.com, Inc. It is used to provide network services A security vulnerability exists in Acexy Wireless-N WiFi Repeater REV 1.0, which originates from a plaintext password containing the administrator account. It is possible to intercept the page ...

CVE-2021-25368

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed...

Security feature bypass

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed...

CVE-2021-25368

The vulnerability CVE-2021-25368 affects Samsung Cloud prior to version 4.7.0.3. Affected component: Samsung Cloud application; issue described as a hijacking vulnerability that allows an attacker to intercept during the provider’s execution. Root cause details are not provided in the connected d...

CVE-2021-25368

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed...

Cisco Jabber Certificate Validation Vulnerability

Cisco Jabber is a web conferencing and instant messaging application that allows users to send messages over the Extensible Messaging and Status Protocol XMPP. Cisco Jabber suffers from a certificate validation vulnerability that can be exploited by an attacker to be able to inspect or modify the...

CVE-2021-1411

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

CVE-2021-1411 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

CVE-2021-1471

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

CVE-2021-1471 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

Cisco Jabber 信任管理问题漏洞

Cisco Jabber is a web conferencing and instant messaging application that allows users to send messages over the Extensible Messaging and Status Protocol XMPP. Cisco Jabber suffers from a certificate validation vulnerability that can be exploited by an attacker to be able to inspect or modify the...

SOYAL Biometric Access Control System 5.0 - Master Code Disclosure

Exploit Title: SOYAL Biometric Access Control System 5.0 - Master Code Disclosure Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affect...

CVE-2019-18231

Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...

Server side request forgery (ssrf)

Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...

Samsung Email application authorization issue vulnerability

Samsung Email application is a cell phone application from Samsung South Korea. It provides the function of sending and receiving e-mail. A security vulnerability exists in the Samsung Email application version, which can be exploited by an attacker to intercept the provider at the time of...

The vulnerability of the Netlify domain controller, related to improperly configured DNS records, allows attackers to intercept cookie files, bypass Content Security Policy (CSP) security policies, Cross-Origin Resource Sharing (CORS) mechanisms, and gain unauthorized access to protected information.

The vulnerability of the Netlify domain controller implementation is related to improperly configured DNS records. Exploiting this vulnerability allows a malicious actor to intercept cookie files, bypass security mechanisms like CSP, Cross-Origin Resource Sharing CORS, and gain unauthorized acces...

EulerOS Virtualization 3.0.6.6 : ibus (EulerOS-SA-2021-1483)

According to the version of the ibus packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due t...